Definition for Code SystemPermissionRuleCombining

{
  "resourceType" : "CodeSystem",
  "id" : "permission-rule-combining",
  "meta" : {
    "lastUpdated" : "2022-09-07T11:58:29.429+11:00",
    "profile" : ["http://hl7.org/fhir/StructureDefinition/shareablecodesystem"]
  },
  "text" : {
    "status" : "generated",
    "div" : "<div>!-- Snipped for Brevity --></div>"
  },
  "extension" : [{
    "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
    "valueCode" : "sec"
  },
  {
    "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status",
    "valueCode" : "trial-use"
  },
  {
    "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm",
    "valueInteger" : 0
  }],
  "url" : "http://hl7.org/fhir/permission-rule-combining",
  "identifier" : [{
    "system" : "urn:ietf:rfc:3986",
    "value" : "urn:oid:2.16.840.1.113883.4.642.4.2070"
  }],
  "version" : "5.0.0-ballot",
  "name" : "PermissionRuleCombining",
  "title" : "PermissionRuleCombining",
  "status" : "draft",
  "experimental" : false,
  "date" : "2022-08-05T10:01:24+11:00",
  "publisher" : "HL7 (FHIR Project)",
  "contact" : [{
    "telecom" : [{
      "system" : "url",
      "value" : "http://hl7.org/fhir"
    },
    {
      "system" : "email",
      "value" : "fhir@lists.hl7.org"
    }]
  }],
  "description" : "Codes identifying the rule combining. See XACML Combining algorithms  http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cos01-en.html",
  "caseSensitive" : true,
  "content" : "complete",
  "concept" : [{
    "code" : "deny-overrides",
    "display" : "Deny-overrides",
    "definition" : "The deny overrides combining algorithm is intended for those cases where a deny decision should have priority over a permit decision."
  },
  {
    "code" : "permit-overrides",
    "display" : "Permit-overrides",
    "definition" : "The permit overrides combining algorithm is intended for those cases where a permit decision should have priority over a deny decision."
  },
  {
    "code" : "ordered-deny-overrides",
    "display" : "Ordered-deny-overrides",
    "definition" : "The behavior of this algorithm is identical to that of the “Deny-overrides” rule-combining algorithm with one exception.  The order in which the collection of rules is evaluated SHALL match the order as listed in the permission."
  },
  {
    "code" : "ordered-permit-overrides",
    "display" : "Ordered-permit-overrides",
    "definition" : "The behavior of this algorithm is identical to that of the “Permit-overrides” rule-combining algorithm with one exception.  The order in which the collection of rules is evaluated SHALL match the order as listed in the permission."
  },
  {
    "code" : "deny-unless-permit",
    "display" : "Deny-unless-permit",
    "definition" : "The “Deny-unless-permit” combining algorithm is intended for those cases where a permit decision should have priority over a deny decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result."
  },
  {
    "code" : "permit-unless-deny",
    "display" : "Permit-unless-deny",
    "definition" : "The “Permit-unless-deny” combining algorithm is intended for those cases where a deny decision should have priority over a permit decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result. This algorithm has the following behavior."
  }]
}